A collection of discussions, links, stories, news and whatever else I find interesting in the fields of computing, information, science, privacy, semantics, mathematics and so on...

Tuesday, 11 June 2013

Privacy, Data Collection and Surveillance

The privacy debate about the collection
of data by the NSA continues with many asking questions about the moral and
ethical issues surrounding this. The phrase "the death of privacy" is
abound.

This is true I'm afraid, we lost our
privacy, but not when the NSA starting collecting data but when we starting communicating
using technologies that were readily and easily available - that probably dates
back to the birth of written communication.

Data collection concerns me certainly,
but here I want to focus on one of the maxims of privacy: "if you don'tuse it, don't collect it" and the fact that privacy is much more about the
usage of data, not its collection (viz. the above maxim).

One can argue that merely using Google,
Facebook and all the rest of the social media services one has already lost
one's privacy, but interaction with these services is voluntary - no-one forced
you to post those party pictures to the entire World and dog (complete with
EXIF and location information).

In the above respects we have not lost
privacy but moved the bounds of what personally and socially we call privacy –
obviously people are not placing emphasis on the moral and ethical issues but
rather on the economic benefit of using such data consuming services. In
writing this blog I am losing my privacy, but with the economic gain of brand
building and knowledge sharing.

Using this data consumers and users can
be profiled and classified; typically for the serving of the perfect advertisement.
However this is not unlike what an "old style shopkeeper" did through
personally knowing his customers. The major difference is that today this is
done automatically and impersonally by computer. We lost the link with that
corner shop keeper who knew us and our families personally. Ever try contacting
the customer service departments of practically any company these days?

This also touches on the point that users
start or have started to feel that they are not in control of their data.

Most advertising and profiling companies are
using classification structures that are fairly coarse grained but then further
refined those with additional [coarse] grained data such as location and social
network. This for the most part is nothing more than could be understood by
reflecting on one's own life, place of abode and neighbourhood. For the most
part this is just reasserting what is already derivable from a person’s
postcode.

Much of the data collected by the NSA in
the current revelations is somewhat innocuous; primarily this seems to be just
telephone record meta-data like the kind you see on an itemized bill. But such
innocuous data can easily be cross-referenced and fingerprinted.

The trouble here is that government
authorities can have a more insidious effect upon a person's life than a
supermarket or credit card provider can. Indeed there are safe guards and
protections through the rule of law - though as we have seen these can be
constructed so that under some circumstances the law can allow whatever is
necessary to get a/the job done.

Before however we dismiss the above,
consider two points:

automatic guilt, or, guilty until
proven innocent

scope creep

The first derives from the fact that all
your actions may be used against you in the future. If you think you have nothing to hide then consider all the crimes you committed
today? Did you drive over the speed limit, run a red light, have you ever stolen something/anything etc?

The second derives from the first that
once you have this information then it could be used for purposes well beyond
its original intent. Worse are the twin possibilities of false positives and
false negatives. Consider councils in the UK using CCTV cameras originally
intended to catch terrorists and prevent crime (in general) for catching dog owners not cleaning up after
their dogs.

From the above the moral and ethical
arguments are easily fashioned, the economic arguments are much more difficult
and vary depending upon the context and our view of what society should be:

Is personal freedom, privacy and liberty
greater than that of society's?

Is mass surveillance better than letting
one "terrorist" commit an act of atrocity?

These questions however go right to the
heart of the definitions of freedom, liberty, privacy, security, society and our
own control over our own data. I don't think any of us even remotely comprehend
the repercussions and difficulties of even trying to address, let alone answer
such questions.

But until we start having this debate in an impartial, focused and formal manner with the terms and definitions clearly stated, judging and/or condemning any form of data collection and any form of processing and usage of data is not going to be possible in any meaningful, lasting manner.

In another way we're back to a question
posted by a group of mathematicians regarding the esoteric nature of things as
we move away from the fundamental building blocks, and losing sight of what
those building blocks [of society and humanity] actually mean.

Whether the NSA and everyone else's collection of data is right or wrong I can't answer, but the debate about what privacy actually is and our relationship personally and as a society with the concepts of privacy, security and trust is going to be an extremely interesting debate with wide repercussions.